[Samba] ldap authentication without 'ldap filter' parameter
Norbert Gomes
norbert.gomes at orleans-tours.iufm.fr
Wed Feb 8 10:46:04 GMT 2006
Hello
I'm trying to update samba from 3.0.11 to 3.0.21 and I noticed that the
'ldap filter' paramater has been removed.
After some search, I read that I have to configure nss_ldap. But I don't
know how to configure it properly to operate with our LDAP database.
Let me explain :
We used the 'ldap filter' parameter like this :
ldap filter = (&(iufmLogin=%u)(gecos=#*))
Our authentication is based on the 'iufmLogin' attribute (we cannot use
the 'uid' attribute) and the gecos has to start with the '#' character
for the user to be authenticated.
But my problem is that I can't parameter the /etc/ldap.conf file to use
these filters.
I tried to put this in the /etc/ldap.conf file :
pam_filter iufmLogin=%s
pam_login_attribute iufmLogin
But the system seems to ignore these filters and it only uses the 'uid'
attribute when I try the 'getent passwd' command.
Can someone explain me how to do this correctly ?
Thanks
Norbert Gomes
More information about the samba
mailing list